Advantech WebAccess webvrpcs Service DrawSrv TagGroup Buffer Overflow Exploit

The specific flaw exists within the implementation of the 0x280A IOCTL in the DrawSrv subsystem. A stack-based buffer overflow vulnerability exists in a call to strcpy. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2016-0856
Product Version: 
2015_R1
Released Date: 
Friday, March 4, 2016 - 00:00